EFFector Vol. 17, No. 13 April 15, 2004
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In the 285rd Issue of EFFector:
- Action Alert: Don't Subsidize the Surveillance State!
- Google's Gmail: A Rough Guide to Protecting Your Privacy
- Let the Sun Set on PATRIOT - Sections 202 and 217
- EFF @ the 2004 Computers, Freedom & Privacy Conference
- EFF Seeks Socially Responsible Technical Director
- MiniLinks (19): American Airlines: 1.2 Million Passengers Served to Gov't Contractors
- Staff Calendar: 04.17.04 - 04.18.04 - Wendy Seltzer speaks at Florida Atlantic University, Boca Raton, FL; 04.20.04 - 04.23.04 - Kevin Bankston, Cindy Cohn, Chris Palmer, Fred von Lohmann, Wendy Seltzer, Seth Schoen and Lee Tien speak at CFP, Berkeley, CA
- Administrivia
Don't Subsidize the Surveillance State! Tell the FCC to Keep CALEA Off the Net
The FBI wants to apply a decade-old telephone surveillance law to the Internet - and it's going to cost you. The Communication Assistance for Law Enforcement Act of 1994 (CALEA) forced phone companies to build convenient wiretap features into their networks, but at least it provided money for the changes. That money is long gone, and now the FBI wants the FCC, network equipment companies, broadband ISPs and their customers to pay for a new surveillance regime. This novel interpretation of the law will be bad for innovation, consumers and civil liberties. Tell the FCC to keep CALEA off the Net!
Make your voice heard:
http://www.eff.org/activism/calea/
Join EFF today:
https://secure.eff.org/
EFF's comments on the FBI proposal:
http://www.eff.org/Privacy/Surveillance/20040413_EFF_CALEA_comments.php
Google's Gmail: A Rough Guide to Protecting Your Privacy
As we noted in last week's EFFector, Google has introduced a new beta email service called "Gmail" that raises a number of privacy concerns.
While the media has largely focused on the fact that Gmail will scan the contents of your email messages in order to target ads, the more serious problem from a privacy perspective is Google's ability to link your Gmail account information with your Google web searches. By linking your complete Google search history - tagged with your name and personal details - to your email records, Google can create a highly nuanced picture of you as a reader and as a person. Such pictures present irresistible targets for government investigators, civil lawsuit plaintiffs, and even identity thieves. A single attack or disclosure could release deeply sensitive details about your life to the world without your knowledge or consent.
Below, we explain how personal information from your Gmail account can be linked to your Google searches, provide a technical "how-to" for (temporarily) keeping the two separate, and offer our recommendations for a longer-term solution to the problem. Although we focus here on Google, these recommendations apply to any business - Yahoo, Hotmail/MSN - that offers both search and email services and can link the two.
The Problem
Google uses cookies - bits of identifying data that automatically allow a website to "recognize" you - to link every Google search you conduct on the same computer and browser. This could be used to help Google to refine your search results or their display to match your preferences more closely. Even though Google keeps this search information stored on its servers, without your name and other personalized information it has no way explicitly to link searches to your other activities and correspondence on the Internet.
The problem is that the Gmail service may change this. All of a sudden, Google can know exactly who you are every time you search the Internet using its service. And not only that, its databases know who is sending you email, to whom you respond, and even what you write about. With innumerable search results and up to 1 gigabyte of email messages per Gmail account at its disposal, Google could pull together an extremely detailed dossier on each of the millions of people who use its services every day. Such a vast assemblage of nuanced personal information could become a bigger privacy nightmare than government projects such as Total Information Awareness (TIA).
As we note above, Google isn't the only threat. Yahoo and Hotmail, although they're not (yet) offering to archive a full gigabyte of your personal email messages, can also link your email account to your search history - and to your instant messaging as well. Amazon is getting in on the game, too, announcing this week its new "A9" search service, which will allow the company to correlate your book browsing and purchases with your search and click history via cookies.
The Fix
Contrary to what we suggested last week, merely deleting cookies "often" is not enough to prevent this from happening. You would have to delete cookies both before and after you use Gmail - each and every time. There's a better way.
Delete Past Linkability
For current and prospective Gmail users, we suggest that you start by deleting your existing Google cookies before you use Gmail (and before you enter your real name or existing email address in any Google form). This will help prevent your pre-existing search history from becoming associated with your identity in the future. (Note that it will also cause you to lose any Google preferences you have entered, such as language or adult content preferences.)
Prevent Future Linkability
In addition, we suggest that you use one of the two following schemes to prevent a link between your Gmail account and your Google searches:
(1) If you don't already have two or more web browser programs installed on your computer, obtain a second browser. Use the second browser only to access Gmail, and never use it for Google searches. To serve as a reminder for which browser to use, you could configure your second browser to load Gmail automatically when it starts.
(2) Use an "anonymizing" or cookie-controlling proxy service such as Anonymizer.com whenever you use Google search. For example, if you are an Anonymizer.com subscriber, you can create a web browser bookmark to the URL https://anon.ssl.anonymizer.com/http://www.google.com/ Use this bookmark whenever you want to make a Google search. You can then feel free to log on to the Gmail service using your ordinary web browser.
Our Recommendations to Google
Google doesn't have to make us jump through these kinds of technical hoops in order to protect our search privacy. In fact, Google could easily reassure its users about linking email to search with one simple step. Because each cookie is associated with a particular domain, Google could move the Gmail service from gmail.google.com to www.gmail.com - thereby keeping the gmail.com cookie separate from the google.com cookie. While using separate domains may not be as convenient for some users as a single sign-on at a single domain, single sign-on could easily be offered as an opt-in feature, giving people a fair opportunity to assess the privacy/convenience trade-off before Google starts collecting their data.
Finally, Google has said that it will not use Gmail to determine who is using the Google search engine for particular searches. This is a good policy, but it needs to be spelled out clearly on the Gmail privacy policy page: www.google.com/gmail/help/privacy.html
What's Next?
EFF is pleased that Google has so far been forthcoming about many of the features and issues raised by Gmail. We plan to continue our talks with the company, and we hope that Google will adopt our recommendations. When the final version of the Gmail service is released, we'll take a fresh look and let you know whether or not the service makes the grade for protecting your privacy.
The Big Picture
What we've offered here is a short-term fix for current/prospective Gmail users and a few brief recommendations for Google, barely scratching the surface of the privacy issues surrounding Web mail. A temporary work-around is just that - temporary. In the longer term, we are exploring bigger picture issues including:
- Concern over the growing trend to move large portions of people's lives online via 3rd party providers, abandoning hard-won legal protections.
- Risks of potential correlation of large swaths of private online activity beyond mail and searching at all the major providers: MSN, Yahoo, AOL and now potentially Google.
- Different legal rules that may apply to mail that is indexed, searched or keyword matched by a third party - even when all these tasks are entirely automated.
- What risks users should be aware of, what technical measures they can take to protect their privacy, and what legal and contractual measures they should demand to protect their rights.
Let the Sun Set on PATRIOT - Sections 202 and 217: "Authority to Intercept Wire, Oral and Electronic Communications Relating to Computer Fraud And Abuse Offenses" and "Interception of Computer Trespasser Communications"
Apologists justified the broad, civil-liberties corroding powers granted to the government under the USA PATRIOT Act by arguing that they would be used to put terrorists behind bars. Yet several provisions can be used against Americans in a wide range of investigations that have nothing to do with terrorism. Worse, the Department of Justice has worked to expand and/or make permanent a number of these provisions - despite the fact that they were sold to the public as "temporary" measures and are scheduled to expire, or "sunset," in December of 2005.
Every two weeks, we profile one of the 13 provisions scheduled to sunset and explain in plain language what's wrong with the provision and why Congress should allow it to expire. This week we tackle two at once: Sections 202 and 217.
Why Sections 202 and 217 Should Sunset
The two provisions together make it easier for the FBI to get privacy-invasive wiretap orders and to intercept your electronic communications when investigating computer crimes - even when those crimes have absolutely nothing to do with terrorism.
Wiretap orders are like "super-warrants" - only the most serious crimes justify their use. Yet in the climate of fear in the wake the 9/11 terrorist attacks, the Justice Department persuaded Congress to expand the government's wiretap powers without ever having to cite even a *single instance* in which a computer-crime investigation - much less a terrorism investigation - had been hindered due to lack of surveillance authority.
The DoJ also succeeded in pushing through a provision that under some circumstances gives the FBI the power to intercept your private electronic communications - email messages, faxes, instant messages, etc. - *without* a judge's approval.
How Sections 202 and 217 Changed the Law
Conclusion
Anti-terrorism laws cannot be justified by fear alone - they must address a real need or be repealed. Absent a clear demonstration from the FBI that these new surveillance powers are necessary, Congress should allow Sections 202 and 217 to expire.
Next Time
We'll look at USA PATRIOT Section 218, which allows the FBI to investigate garden-variety criminals with surveillance powers once reserved for international spies and terrorists.
For this analysis:
http://www.eff.org/Privacy/Surveillance/Terrorism/PATRIOT/sunset/202.php
For previous profiles:
http://www.eff.org/Privacy/Surveillance/Terrorism/PATRIOT/sunset/
EFF @ the 2004 Computers, Freedom & Privacy Conference
EFF staff members will present at a number of tutorials and panels at this year's Computers, Freedom & Privacy conference, which takes place Tuesday-Friday of next week (April 20-23) at the Claremont Resort & Spa in Berkeley, CA. EFF will also be presenting our 2004 Pioneer Awards at 6:30 p.m. on Thursday, April 22nd at Chabot Space and Science Center in Oakland, CA, in conjunction with the conference.
Below is a quick guide to the panels EFF is participating in - we hope to see you there!
CFP Program:
http://www.cfp2004.org/program/
Tuesday, April 20:
Lee Tien: "RFID and Privacy"
Chris Palmer: "Network Surveillance HOW-TO: A Tutorial Workshop
on Snooping Around Modern Networks."
Lee Tien: "Telecommunications Law for the Rest of Us"
Wednesday, April 21:
Lee Tien: "Tapping the Net, Revisited: Voice Over IP and Law
Enforcement"
Thursday, April 22:
Seth Schoen: "Trusted Computing"
Kevin Bankston: "Wardriving, Wireless Networks and the Law"
Wendy Seltzer: "Privacy and Liberty Implications of Suing File
Sharers"
Cindy Cohn: "Data Retention and Privacy: A 'Real World' Approach
to EU and US Regulations"
Fred von Lohmann and Jason Schultz: "The Next Drug War:
Possession Statutes Target Technology"
EFF: "2004 Pioneer Awards"
Friday, April 23:
Wendy Seltzer: "Cease and Desist: Two Years of Fighting Online
Chill"
EFF Seeks Socially Responsible Technical Director
EFF is seeking a fulltime technical director to start immediately and work out of EFF's San Francisco (Mission District) office. This person will be responsible for managing four members of EFF's technical staff and their various projects. Technical staff responsibilities include keeping our internal systems running and providing expert support to our attorneys and members. It also includes actively building, and supervising the building of, technologies that advance free speech and privacy. The technical director will be responsible for creating a cogent technology strategy for EFF. The director must be a team player. This person must be a good writer, good speaker and good listener. This person may be called on to be an expert witness, conference speaker, declarant in a court case, or debater against entertainment companies or government attorneys. Comfort with advocating for a position essential.
Project management experience absolutely required. Extensive experience (10 years+) with the Internet and various related technologies also required. Ideally, this person is already well known and respected within the Internet community. The job requires an in-depth understanding of network protocols and security, and experience with software and/or hardware development. Experience with telecom industry and technologies highly desirable. Familiarity with Internet civil liberties issues and EFF's work required. Salary at nonprofit scale and includes benefits package. This is a job for someone who wants to affect positive social change in the world. While the compensation is low and the work is hard, what we're working on is cutting edge, and you couldn't find a better group of people with which to work.
To apply, send a cover letter and your resume with links to some samples of your work to ctojob@eff.org no later than April 15, 2004. We request that you send these materials in a non-proprietary format, such as an ASCII text file. No phone calls please!
miniLinks
miniLinks features noteworthy news items from around the Internet.
~ How Apple Can Afford to Take a Loss on the iTunes Music Store
The company's profits tripled on a 900% increase in iPod sales:
http://news.bbc.co.uk/2/hi/business/3627425.stm
~ GMail - the Good, the Bad and the Ugly
According to Danah Boyd:
http://www.eff.org/cgi/tiny?urlID=175
(Apophenia weblog)
~ This Just In:
Another Reason to Love Google
The company is considering changes to Gmail after hearing critics'
concerns - a classy move that companies make only once one in a
google:
http://www.eff.org/cgi/tiny?urlID=176
(Reuters)
~ FL Reconsiders Ban on Recounts
You read that right - the Florida legislature had been planning
to address the inauditability of e-voting machines by making
some recounts illegal:
http://www.miami.com/mld/miamiherald/news/politics/8417117.htm?1c
(Registration unfortunately required.)
~ Iraqster:
Soldiers Swap Music During Wartime
The New York Times on the file sharing in Iraq:
http://www.nytimes.com/2004/04/13/arts/music/13TROO.html
(Registration unfortunately required.)
~ Microsoft Creates RFID Council
A booster club for the tiny radio-tracking chips, run by a company
famous for its security expertise. We feel better about the
little buggers already:
http://www.ecommercetimes.com/perl/story/33328.html
~ FCC Taking TV Down the Tubes
Public Knowledge President Gigi Sohn with a great editorial on (some of)
what's wrong with the FCC's approach to regulation:
http://news.com.com/2010-1025_3-5189489.html
~ Rave Reviews for ClearPlay's New DVD Player
We love that it can eliminate both violence AND "vain references
to deity." That would make "The Passion," oh, 17 seconds long?
http://www.eff.org/cgi/tiny?urlID=177
(San Francisco Chronicle)
~ Cable Decision Held Until Supremes Weigh In
The FCC and cable ISPs are appealing the 9th Circuit loss that
would have forced cable companies to open up to competition:
http://news.com.com/2100-1028_3-5189485.html
~ Copyright for Facts? Judge Tells Boat Company to Pound Sand
Boats.com tried to stop price-scrapers with a copyright claim,
but the case didn't float:
http://www.eff.org/cgi/tiny?urlID=178
(Associated Press)
~ American Airlines:
1.2 Million Passengers Served to Gov't
Contractors
AA is the third airline to admit to secretly turning over
passenger data for government surveillance research - this time
to four companies competing for a CAPPS II contract. No matter
where you stand on passenger profiling, this shouldn't be
happening in secret and neither the airlines nor the government
should be lying about it:
http://www.washingtonpost.com/wp-dyn/articles/A720-2004Apr9.html
(Registration unfortunately required.)
Take action today - ask Congress for hearings:
http://action.eff.org/action/index.asp?step=2&item=2888
~ Canada Rejects Copyright Extension Bill
As Larry Lessig asks, "Will the sanity ever stop?"
http://www.eff.org/cgi/tiny?urlID=179
(CBC - Prince Edward Island)
~ A Unified Theory of Filesharing and CD Sales
Ed Felten reconciles different studies and disparate methods:
http://www.freedom-to-tinker.com/archives/000574.html
~ Musing About the Coming Panopticon
Jamais Cascio's "scenarios and anticipations" for a world in
which we surveil ourselves:
http://www.worldchanging.com/archives/000554.html
~ Claria Files Leathery, Reptilian IPO
The adware company formerly known as Gator is going public:
http://www.wired.com/news/business/0,1367,63008,00.html
~ VoteHere for Transparent Elections
The election security company has released its source code,
documentation of known issues and a host of other materials
for public review. Bravo!
http://www.votehere.net/news/archive04/040604.htm
~ Broadcast Flag for Digital Radio?
The technology is very young, but according to Public Knowledge
and Digital Consumer, the FCC may already be preparing to
slap a broadcast flag on it:
http://news.com.com/2100-1027-5186980.html
~ Fighting Censorship with P2P
Ross Anderson envisions a future in which government censors and
news syndicates don't control what news we hear:
http://news.bbc.co.uk/2/hi/technology/3611227.stm
~ PlayFair Fouled by DMCA
An open source project that offered tools to strip the DRM
from your legally purchased files is now offline because of
a DMCA notice:
http://macslash.org/article.pl?sid=04/04/09/1057246&mode=thread
Staff Calendar
For a complete listing of EFF speaking engagements (with locations and times), please visit the full calendar.
-
April 17-18 -
Wendy Seltzer speaks at Florida Atlantic University
Boca Raton, FL
http://www.fau.edu/ipconference -
April 20-23 -
Kevin Bankston, Cindy Cohn, Chris Palmer, Fred von Lohmann, Wendy Seltzer, Seth Schoen and Lee Tien speak at the 2004 Computers, Freedom & Privacy Conference
Berkeley, CA
http://www.cfp2004.org/program/
Administrivia
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
http://www.eff.org/
Editor:
Donna Wentworth, Web Writer/Activist
donna@eff.org
To Join EFF online, or make an additional donation, go to:
https://secure.eff.org/
Membership and donation queries: membership@eff.org
General EFF, legal, policy or online resources queries: ask@eff.org
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements and articles may be reproduced individually at will.
To change your address or other information, please visit: http://action.eff.org/subscribe/
If you have already subscribed to the EFF Action Center, please visit: http://action.eff.org/login.asp/
To unsubscribe from the EFFector mailing list, send an email to alerts@action.eff.org with the word "Remove" in the subject.
(Please ask donna@eff.org to manually remove you from the list if this does not work for you for some reason.)
Back issues are available at:
http://www.eff.org/effector/
You can also get the latest issue of EFFector via the Web at:
http://www.eff.org/effector/
Return to EFFector Newsletters Index
Please send any questions or comments to webmaster@eff.org